Closed ployt0 closed 1 year ago
Hi, just for clarification, by "At first I copied in my own private key" you mean volume mounted a path from the host filesystem? and now without that volume it still does not work?
What path did you volume mount in the container? and how do you manage the container? I know for example that docker-compose can be tricky in some cases where volumes get persisted between image updates etc.
Hey. Correct. Correct.
No one said anything about docker-compose. I was just following your README:
docker run -e POSTFIX_myhostname=smtp.domain.tld mwader/postfix-relay
Where I mounted, when I mounted, is immaterial, as I have explained.
I am not going to be testing this for you any further. The same behaviour was observed in version 1.0.1.
@ployt0 Please consider that not only is @wader providing and maintaining this software to you for free, they are offering to help you for free as well. I think people will be more likely to continue doing that if you treat them with dignity and respect. (I'm unaffiliated with this repo, and don't claim to speak for @wader, but I do appreciate their efforts.)
Ok, but you did docker run
with a volume path? what path? please provide as much details as possible or even better reproduction steps.
Dude, you just established with or without volume path made no difference.
I didn't come here to argue and really really wish I never posted.
@ployt0 Please consider that not only is @wader providing and maintaining this software to you for free, they are offering to help you for free as well. I think people will be more likely to continue doing that if you treat them with dignity and respect. (I'm unaffiliated with this repo, and don't claim to speak for @wader, but I do appreciate their efforts.)
He isn't providing me anything. Perhaps if it worked as advertised I'd have more unforced respect for it.
I have provided the bug report, the steps to reproduce and diagnose. I am not asking for anything. I didn't expect this to turn into a huge, hard to follow issue like all the others on here.
Closing by attrition.
Sorry didn't intend to sound like arguing, just wanted clarifications.
So first you started a container using something like:
docker run -e OPENDKIM_DOMAINS=test.tldn -v /etc/opendkim:/path/on/host mwader/postfix-relay:1.1.8
Base on the ps output it looks like opendkim was started and when i try the same i see similar ps output, opendkim plus some postfix processes.
I can reproduce the Unable to bind to port inet:12301@localhost: Address already in use
log be trying to start opendkim, which i think is just because it's already running at that point.
For me the pid file /var/run/opendkim/opendkim.pid
is correct and it gets stopped correctly. But i can reproduce the Stopping OpenDKIM: No /usr/sbin/opendkim found running; none killed.
error by overwriting the pid file before stopping the container.
So in you case was opendkim started (and worked?) but for some strange reason the pid file gets overwritten?
Note that currently i'm not sure if it's possible to volume mount your own opendkim config as currently opendkim will only be started if a OPENDKIM_DOMAINS
environment is specified which also mean that the run script will poke around in /etc/opendkim, see https://github.com/wader/postfix-relay/blob/master/run#L4-L39. That should probably be documented and also maybe it should be possible to start opendkim anyways.
I also noticed that opendkim is currently unconditionally stopped even if not started by the run script at container stop, which might cause confusion.
More tests to illustrate the failure:
:/# opendkim-testkey -k /etc/opendkim/keys/silverbullets.co.uk/x.private -s x -d silverbullets.co.uk -vvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: key loaded from /etc/opendkim/keys/silverbullets.co.uk/x.private
opendkim-testkey: checking key 'x._domainkey.silverbullets.co.uk'
opendkim-testkey: key not secure
opendkim-testkey: key OK
Another symptom (I can't fix this one):
:/# opendkim-testkey -vvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: invalid data set type
Here's the cure:
:/# echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.conf
:/# opendkim-testkey -k /etc/opendkim/keys/silverbullets.co.uk/x.private -s x -d silverbullets.co.uk -vvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: key loaded from /etc/opendkim/keys/silverbullets.co.uk/x.private
opendkim-testkey: checking key 'x._domainkey.silverbullets.co.uk'
opendkim-testkey: key secure
opendkim-testkey: key OK
At least I can send emails using DKIM now though.
Ok thanks the reply. I don't know much about opendkim so not sure i can help much. Could the things the run script do cause those errors if they overwrote an already existing volume mounted config?
I have similour problems.
Only difference is that adding TrustAnchorFile /usr/share/dns/root.key to /etc/opendkim.conf did not resolve any of my issues. I'm still not able to start opendkim service
OpenDKIM Filter: Unable to bind to port inet:12302@localhost: Address already in use
opendkim[791]: OpenDKIM Filter: Unable to create listening socket on conn inet:12302@localhost
opendkim[791]: smfi_opensocket() failed
And I still have opendkim-testkey: key not secure
One thing I notice, permissions on private key are 600, they should be 400 if not mistaken
I tried using the docker image for DKIM
At first I copied in my own private key. I could not get DKIM working. Now I'm not bothering to volume mount and instead copying the given DNS record to a new selector in my DNS zone.
opendkim
appears to be down:If I don't volume mount, I can see a lot of processes:
I can attempt to start opedkim but that only results in three log entries:
There is an
opendkim
process, but the pidfile is wrong:lsof
returns nothing:I installed
iproute2
and ran this:I'm using
mwader/postfix-relay:1.1.8
and providingPOSTFIX_myhostname=example.com
andOPENDKIM_DOMAINS=example.com
. Replacingexample.com
.As I closed that container I notice: